Remote administration
ISA Server 2004 enables you to administer ISA Server computers from other computers. You can perform all ISA Server administrative tasks remotely, either from a computer running Remote Desktop Connection or from a Microsoft Management Console (MMC) installed on the remote computer.
Typically, your ISA Server computer will be located centrally with your other corporate servers, and not near your office location. You may want to administer ISA Server from another computer on the same network as the ISA Server computer or from a home computer. You may provide consulting services to clients that are using ISA Server to secure the networks, and are responsible for maintaining and monitoring their ISA Server computers. Remote administration enables you to administer ISA Server in all of these cases.
When you install ISA Server, the default system policy allows remote administration from all members of remote management computers. You can configure remote administration, by editing the appropriate MMC or Terminal Server configuration group in the System Policy editor. You can configure the system policy configuration groups to apply to specific network objects. For example, you may want to limit the system policy rule to apply only to the IP address of the specific remote management computer, rather than to all the computers in the Internal network.
Remote administration with Remote Desktop Connection
You can connect to an ISA Server computer from any computer running Terminal Services. There are several advantages to using Terminal Server to connect to the ISA Server computer. Terminal Server allows you to view the desktop of the ISA Server computer as if you were in front of the monitor attached to the ISA Server computer. This results in faster refresh rates, because the work of refreshing the view is done by the ISA Server computer, and only the information that comprises the picture on the monitor has to be transmitted to the remote computer.
Remote administration with MMC
When you install ISA Server, you can perform a custom installation, installing only ISA Server Management. For installation instructions, see Install ISA Server Management.
When you run ISA Server Management, you can connect to a computer with ISA Server installed. For instructions, see Connect to an ISA Server computer.
There are advantages to remote administration with ISA Server Management. Using ISA Server Management, you can connect to and display information from many ISA Server computers at once. This is useful for central administration of geographically dispersed ISA Server computers, or in a situation where you provide consulting for several companies running ISA Server.
To run ISA Server Management you need:
- A personal computer with a 300 megahertz (MHz) or higher Pentium II-compatible CPU
- Microsoft® Windows ServerTM 2003, Windows® 2000 Server, or Windows XP
- 256 megabytes (MB) of memory
- 19 MB of available hard disk space
To manage a remote ISA Server computer using ISA Server Management, you must use the System Policy Editor to enable the Remote Management: Microsoft Management Console configuration group.
In addition, if you are connecting from the ISA Server computer, you must add an access rule, allowing the Local Host network to access the managed ISA Server computer using the Firewall Control protocol. For instructions, see Create an access rule.
